8694 matches found
ROS-20260420-73-0018
A vulnerability in the CMS message handler of the OpenSSL cryptographic library is related to writing outside buffer boundaries when processing an initialization vector. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted packets...
Insecure Default Initialization of Resource
Overview: @openclaw/feishu is an OpenClaw Feishu/Lark channel plugin, community maintained by @m1heng. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via improper validation of the encryptKey configuration and blank callback tokens. An attacker can ga...
DEBIAN-CVE-2026-33145
xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...
CVE-2026-33145
xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...
CVE-2026-33145 xrdp: Authenticated RCE via unsanitized AlternateShell execution in xrdp-sesman
xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...
OESA-2026-1947 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcv_mss before calling tcp_send_active_reset in mptcp_do_fastclose. syzbot reported divide-by-zero in __tcp_select_window by MPTCP socket. [0] We had a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007461)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007461 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of thi...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007362)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007362 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix kernel NULL pointer dereference error When rxe_queue_init in the function rxe_qp_init_re...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007244 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007280)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007280 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007251)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007251 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet until init is complete The ath9k_wmi_event_tasklet us...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007595 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007386)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007386 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fs_move_inline_dirents When converting an inline directory to a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007229)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007229 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007473)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007473 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read that occurs in nla_put...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007462)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007462 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: put off calling register_netdev until client initialize complete Currently, the netdevi...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007580)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007580 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007309)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007309 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions,...